<? 
session_start(); 
?> 
<html> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> 
<title>Simple Login Script Crated By Wallpapera and Webune Hosting</title> 
</head> 
<body> 
<? 
function form($error) 
{ 
?> 
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> 

<tr> 
<form name="form1" method="post" action=""> 
<td> 
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> 

<tr align="center"> 
<td colspan="3"><? if($error){ echo $error; } else { echo '<strong>Member Login </strong>'; } ?></td> 
</tr> 
<tr> 
<td width="78">Username</td> 

<td width="6">:</td> 
<td width="294"><input name="username" type="text" id="username"></td> 

</tr> 
<tr> 
<td>Password</td> 
<td>:</td> 
<td><input name="password" type="password" id="password"></td> 

</tr> 
<tr> 
<td>&nbsp;</td> 
<td>&nbsp;</td> 
<td><input type="submit" name="Submit" value="Login"></td> 

</tr> 
</table> 
</td> 
</form> 
</tr> 
</table> 
<? 
} 
function login_check($username,$password) 
{ 

$db = mysql_connect("localhost", "user", "password") or die('Script Could not connect to database'); 
mysql_select_db("script",$db); 

# THE WILL HELP YOU WITH SQL INJECTION 
$password = mysql_real_escape_string(md5($password)); 
$password = mysql_real_escape_string($username); 

$sql = "SELECT username,password FROM members where username = '".$username."'"; 

$result = mysql_query($sql ,$db); 
if ($myrow = mysql_fetch_array($result)) 
{ 
if($username == $myrow['username'] && $password == $myrow['password']) 
{ 
$login_check = true; 
} 

else 
{ 
$login_check = false; 
} 
} 
else 
{ 
$login_check = false; 
} 

return $login_check; 
}
 
if(isset($_REQUEST['Submit'])) 
{ 
if(!$_POST['username'] || !$_POST['password']) 
{ 
$error = 'Error: All fields are required'; 
echo form($error); 
} 

else 
{ 
if (login_check($_POST['username'],$_POST['password'])) 
{ 
echo 'Congratulations! You are now logged in<br><a href="./">Continue</a>'; 

session_register("username"); 
session_register("password"); 
} 
else 
{ 
$error = "Invalid username or password, try again"; 

echo form($error); 
} 
} 
} 
else 
{ 
if($_GET['logout']) 
{ 
session_destroy(); 
$error = "Logged Out Success - Try Again"; echo form($error); } else { if ($_SESSION['username']) { if (login_check($_SESSION['username'],$_SESSION['password'])) { echo '<a href="?logout=yes">Log out</a>Wallpaperama is a collection of high quality, high resolution wallpapers for free. Download Free Wallpapers for free at Wallpaperama.com'; } else { $error = "Please Login"; echo form($error); } } else { $error = "Welcome, Please Login"; echo form($error); } } } ?><div align="center"> 
<p>&nbsp;</p> 
<p>PHP Hosting By <a href="http://www.webune.com">Webune.com</a></p> 
</div> </body> 

</html>
